3 g@sddlmZddlmZddlmZddlmZddlm Z ddl m Z ddZ Gd d d e Z Gd d d e ZGd ddeZdS))auth) load_backend)RemoteUserBackend)ImproperlyConfigured)MiddlewareMixin)SimpleLazyObjectcCst|dstj||_|jS)N _cached_user)hasattrrget_userr)requestr \/var/www/tester-filtro-web/env/lib/python3.6/site-packages/django/contrib/auth/middleware.pyr s  r c@seZdZddZdS)AuthenticationMiddlewarecs(tdstdtfdd_dS)NsessionzThe Django authentication middleware requires session middleware to be installed. Edit your MIDDLEWARE setting to insert 'django.contrib.sessions.middleware.SessionMiddleware' before 'django.contrib.auth.middleware.AuthenticationMiddleware'.cstS)N)r r )r r r sz:AuthenticationMiddleware.process_request..)r AssertionErrorruser)selfr r )r r process_requests z(AuthenticationMiddleware.process_requestN)__name__ __module__ __qualname__rr r r r rsrc@s0eZdZdZdZdZddZddZdd Zd S) RemoteUserMiddlewarea Middleware for utilizing Web-server-provided authentication. If request.user is not authenticated, then this middleware attempts to authenticate the username passed in the ``REMOTE_USER`` request header. If authentication is successful, the user is automatically logged in to persist the user in the session. The header used is configurable and defaults to ``REMOTE_USER``. Subclass this class and change the ``header`` attribute if you need to use a different header. Z REMOTE_USERTc Cst|dstdy|j|j}Wn,tk rN|jrJ|jjrJ|j|dSX|jjr||jj |j ||krrdS|j|t j ||d}|r||_t j ||dS)NrzThe Django remote user auth middleware requires the authentication middleware to be installed. Edit your MIDDLEWARE setting to insert 'django.contrib.auth.middleware.AuthenticationMiddleware' before the RemoteUserMiddleware class.)Z remote_user)r rZMETAheaderKeyErrorforce_logout_if_no_headerris_authenticated_remove_invalid_userZ get_usernameclean_usernamerZ authenticatelogin)rr usernamerr r r r.s"   z$RemoteUserMiddleware.process_requestc Cs>|jtj}tj|}y|j|}Wntk r8YnX|S)zr Allow the backend to clean the username, if the backend defines a clean_username method. )rrBACKEND_SESSION_KEYrrAttributeError)rr r Z backend_strbackendr r r rTs  z#RemoteUserMiddleware.clean_usernamec CsPyt|jjtjd}Wntk r6tj|YnXt|trLtj|dS)z Remove the current authenticated user in the request which is invalid but only if the user is authenticated via the RemoteUserBackend. N) rrgetrr! ImportErrorZlogout isinstancer)rr Zstored_backendr r r ras  z)RemoteUserMiddleware._remove_invalid_userN) rrr__doc__rrrrrr r r r rs  & rc@seZdZdZdZdS)PersistentRemoteUserMiddlewarea Middleware for Web-server provided authentication on logon pages. Like RemoteUserMiddleware but keeps the user authenticated even if the header (``REMOTE_USER``) is not found in the request. Useful for setups when the external authentication via ``REMOTE_USER`` is only expected to happen on some "logon" URL and the rest of the application wants to use Django's authentication mechanism. FN)rrrr(rr r r r r)ps r)N)Zdjango.contribrZdjango.contrib.authrZdjango.contrib.auth.backendsrZdjango.core.exceptionsrZdjango.utils.deprecationrZdjango.utils.functionalrr rrr)r r r r s       V